Tag: hackers

Dad stuck in support nightmare after teen lied about age on Discord

Brady Frey did not realize that his daughter lied about her age when she set up her Discord account. He only found out after her account got hacked and he got trapped in a spiraling support nightmare while trying to stop the hacker from targeting dozens of her young friends with financial extortion scams.

When Frey’s daughter signed up for Discord, she was 12 and technically not old enough to have an account. But like many kids who, regulators have found, commonly lie about their age to access social media platforms, she didn’t want to wait another year to join her friends on the messaging app. Hiding her age, she created an account that listed her as over 18 years old.

Now 13, the teen had been happily using the app for months when she suddenly got locked out of her account after clicking on a link from an attacker posing as Discord support. Since she didn’t enable two-factor authentication, the attacker was able to commandeer the account. Frey only found out what was happening when the attacker asked the teen to share her parents’ banking information if she wanted to get her account back.

Once Frey realized his daughter had been hacked, he assumed that Discord would promptly intervene, recognizing that many minor victims on her friends list could be harmed the longer the attacker kept control. Instead, Discord’s chatbot, Clyde, and a seeming human support member, Nelly, automatically closed her support tickets after telling her it would be best to report the issue from inside the app, which she could not access.

Frey told Ars he was shocked to see a platform as big as Discord relying on such poor support infrastructure.

“There’s no pathway for a parent to step in and advocate for a minor whose account has been compromised,” Frey told Ars.

Keep reading

FBI Warns Congress of ‘Major’ Cyber Hack Involving China That Could Threaten National Security

Not even the FBI is safe from Chinese hacking operations.

A computer security breach in the bureau’s Virgin Islands offices, first detected in February, has been reported to Congress as a “major incident” that could threaten national security, Politico reported Wednesday.

And it appears that the Beijing regime is behind it.

As Fox News reported Thursday, it was unclear what information was accessed in the hack.

However, the FBI reported the breach in compliance with the Federal Information Security Modernization Act of 2014, a law that requires specific committees in both Houses of Congress to be notified if a federal agency’s computer system is compromised to the point where national security is at risk.

“The determination suggests the hackers successfully compromised swathes of sensitive data stored directly on FBI systems, likely marking a major counterintelligence coup for China,” Politico reported.

Keep reading

White House renamed ‘Epstein Island’ on Google phones – WaPo

The White House was briefly renamed ‘Epstein Island’ for some Google Pixel phone users, the Washington Post has reported.

The term is used to refer to the Caribbean island of Little St. James, which had been owned by the late convicted pedophile Jeffry Epstein. According to the prosecutors, it served as the venue for sex trafficking and other abuses involving some high-profile figures in business and politics.

WaPo said in an article on Saturday that when its journalist tried calling the White House switchboard earlier this week, the name on screen indicated that they were contacting “Epstein Island.”

Only users of Google’s Pixel phones experienced the issue. For those calling the presidential residence from other Android phones and iPhones, no name was displayed, the report read.

Keep reading

Who’s behind the mysterious ‘Iran-backed terror cell’ haunting Europe?

Claims that an Iran-backed group is carrying out attacks in European cities raise questions about why they’re not targeting countries directly involved in the US-Israeli war, and why they appear to communicate like Israelis.

Strangely, suspects arrested in the attacks have been released on bail.

A specter is haunting Europe – the specter of Ashab al-Yamin. Officially known as “Harakat Ashab al-Yamin al-Islamia (HAYI),” or the “Islamic Movement of the Companions of the Right,” the group mysteriously appeared in early March, and, according to mainstream media, it’s taking the continent by storm.

But a closer look at the supposedly Iran-backed terror organization suggests that it does not exist in any concrete form, and may be a confection of Israeli intelligence.

Though the nebulous HAYI claimed credit for torching ambulances belonging to a Jewish community organization in London on March 23, two suspects in the attack have been released on bail, and are not charged with any terror-related crimes. What’s more, London Metropolitan Police have so far refused to release the men’s names, raising questions about their identities. Were they even Muslim? 

HAYI’s first public mention in the West came on March 9, when the previously non-existent organization released a video showing an explosive device detonating outside a synagogue in Liege, Belgium, alongside a statement taking credit for the attack. Within hours, the group had somehow been identified by the “SITE Intelligence Group,” an Israeli-led private intelligence firm founded in the aftermath of Sept. 11 to cash in on the newly-minted Global War on Terror.

The materials HAYI published were promptly circulated on social media by Joe Truzman, a self-described “Senior Research analyst examining Palestinian armed groups and Iranian proxy organizations” at the Foundation for the Defense of Democracies (FDD), a neoconservative DC-based think tank founded in 2001 with the stated goal of working to “enhance Israel’s image.” As The Grayzone reported, the Trump White House plagiarized its public justification for attacking Iran word-for-word from an FDD paper. 

Though Truzman declined to state where he’d found the materials, he wrote that “Telegram channels linked to the Axis of Resistance… widely disseminated the publications,” using a reference to a variety of resistance factions sympathetic to Iran and Palestine throughout the greater Middle East. The group he linked to, a popular Telegram channel called Sabereen News, made it clear they were reposting the video, which they said was the work of a group calling themselves “the companions.” 

Almost immediately, Truzman began asserting that these “companions” were all but guaranteed to be a Tehran-linked cutout. For starters, he told British media, “their logo with the wording is a sign of a classic Iranian front organization.” And Iran had already threatened to carry out just such a wave of attacks, Truzman claimed. After all, he wrote, “On March 8, Majid Takht-Ravanchi, Iran’s deputy-foreign minister, warned that if a European country joined the US and Israel in the current war against the Islamic Republic, it would be a ‘legitimate’ target ‘for Iranian retaliation.’”

Over the next two weeks, the shadowy group would go on to take credit for burning a vehicle in a Jewish neighborhood in Antwerp, arson at a synagogue in Rotterdam, explosions near a Jewish school and financial office building in Amsterdam, firebombing Jewish-dedicated ambulances in London, and an unspecified attack in Greece. 

So far, the only media outlet to have interviewed a member of HAYI is CBS News, which was recently purchased by David Ellison, the ultra-Zionist billionaire son of the largest individual donor to Israel’s military, Larry Ellison, who happens to be a close friend of Israeli Prime Minister Benjamin Netanyahu. Bari Weiss, the editor-in-chief installed by Ellison at CBS, is a self-described “Zionist fanatic.”

Keep reading

Iran-linked hackers breach FBI director’s personal email, publish excerpts online

Iran-linked hackers on Friday claimed they had accessed ​FBI Director Kash Patel’s personal email inbox, publishing photographs of the ‌director and other documents to the internet.

On their website, the hacker group Handala Hack Team said Patel “will now find his name among the list of ​successfully hacked victims.” The hackers published a series of personal photographs ​of Patel sniffing and smoking cigars, riding in an antique ⁠convertible, and making a face while taking a picture of ​himself in the mirror with a large bottle of rum.

A Justice Department ​official confirmed that Patel’s email had been breached and said the material published online appeared authentic. The FBI did not immediately respond to a request for ​comment. The hackers did not immediately respond to messages.

Handala, which ​calls itself a group of pro-Palestinian vigilante hackers, is considered by Western researchers to ‌be ⁠one of several personas used by Iranian government cyberintelligence units. Handala recently claimed the hack of Michigan-based medical devices and services provider Stryker (SYK.N), opens new tab on March 11, claiming to have deleted a massive trove of ​company data.

Reuters was ​not able to ⁠independently authenticate the Patel emails, but the personal Gmail address that Handala claims to have broken into ​matches the address linked to Patel in previous ​data breaches ⁠preserved by the dark web intelligence firm District 4 Labs. Alphabet-owned Google, which runs Gmail, did not immediately respond to a request for comment.

A ⁠sample ​of the material uploaded by the hackers ​and reviewed by Reuters appears to show a mix of personal and work correspondence ​dating between 2010 and 2019.

Keep reading

Sweden Breach Shows the Security Risks of National Digital ID Systems

A hacker group calling itself ByteToBreach has posted what it claims is source code stolen from CGI’s Swedish division, among the allegedly compromised systems: the codebase powering BankID logins for the Swedish Tax Agency.

It’s a ransacked filing cabinet inside the architecture of a country that digitized itself completely, then discovered the cost of doing so.

BankID is the single authentication layer Swedes use for nearly everything; government services, banking, digital signatures, and tax filings.

Over 8.6 million people in a country of just over 10 million run their digital lives through it. That’s a national dependency, a single point of failure dressed up as infrastructure modernization.

The dump appeared on Breached.

Journalists at Dagens Nyheter reviewed portions of the leaked material and reported finding source code, passwords, and encryption keys. Breached was taken offline over the weekend as part of a cybersecurity operation, limiting independent verification.

Also reportedly being sold separately: databases containing Swedish citizens’ personal data and electronic signature documents. The breach exposes a layered vulnerability.

CGI confirms it, but frames it narrowly

Keep reading

Cyberattack on vehicle breathalyzer company leaves drivers stranded across the US

A cyberattack on a U.S. vehicle breathalyzer company has left drivers across the United States stranded and unable to start their vehicles.

The company, Intoxalock, says on its website that it is “currently experiencing downtime” after a cyberattack on March 14. Intoxalock sells breathalyzer devices that fit into vehicle ignition switches, and is used by people who are required to provide a negative alcohol breath sample to start their car.

Intoxalock spokesperson Rachael Larson confirmed to TechCrunch that the company had been hit by a cyberattack. Larson said the company took steps to “temporarily pause some of our systems as a precautionary measure.”

These breathalyzer devices need to be calibrated every few months or so, but the cyberattack has left Intoxalock unable to perform these calibrations. The company said customers whose devices require calibration may experience delays starting their vehicles.

Drivers posting on Reddit say that cars are unable to start if they miss a calibration, effectively locking drivers out of their vehicles.

According to local news reports across Maine, drivers are experiencing lockouts and some have been unable to start their vehicles. One auto shop in Middleboro told WCVB 5 in Boston that it has had cars parked in its lot all week due to the cyberattack.

News reports from across the United States show drivers are affected from New York to Minnesota, and drivers have been unable to drive because their vehicle-based breathalyzers cannot be immediately calibrated.

Intoxalock would not say what kind of cyberattack it was experiencing, such as ransomware or if there was a data breach, or whether it had received any communications from the hackers, including any ransom demands. The company’s technology is used in 46 states, its website says, and it claims to provide services to 150,000 drivers every year.

Intoxalock did not provide an estimated timeline for its recovery.

Keep reading

Researchers uncover iPhone spyware capable of penetrating millions of devices

A powerful software exploit capable of penetrating and stealing information from potentially hundreds of millions of Apple (AAPL.O), opens new tab iPhones ‌was planted on dozens of websites in Ukraine in recent weeks, researchers said on Wednesday.

The discovery marks the second time this month that researchers have found spyware targeting iPhones and other Apple devices. Together, the two hacking tools show that the market for sophisticated malware capable of stealing data and cryptocurrency wallet information ​is flourishing, researchers said.

Researchers with cyber firm Lookout, opens new tab, mobile security firm iVerify, opens new tab and Alphabet’s (GOOGL.O), opens new tabGoogle, opens new tab published coordinated analyses of the malware they dubbed “Darksword.” ​On March 3, Google and iVerify revealed a separate powerful iPhone spyware called “Coruna.” Researchers found Darksword hosted on ⁠the same servers.

“There’s now a verified pipeline of recent exploits … that have ended up in the hands of potentially criminal entities with ​a financial focus,” said Justin Albrecht, principal researcher with Lookout.

Keep reading

Declassified Doc Confirms China Did, in Fact, Breach US Election Security Leading up to 2020 Election

With Republicans working to pass the SAVE America Act in the Senate to safeguard election integrity, a new report out of Washington is highlighting a potential danger to American elections that Democrats don’t want to talk about.

And it turns out there’s a good reason for that — since it could cast a shadow over Joe Biden’s victory in the 2020 vote that has never quite set right with the American right.

It’s a danger that comes from the People’s Republic of China — the United States’ most dangerous enemy on the global stage.

According to a document obtained by Just the News, and confirmed with officials who had knowledge of the investigation, Beijing was able to electronically infiltrate unidentified American election systems as part of a cyber-espionage campaign.

“[Redacted] Chinese intelligence officials analyzed multiple U.S. states’ [Redacted] election voter registration data, [Redacted] to conduct public opinion analysis on the 2020 US general election,” a portion of an April 2020 National Intelligence Council document stated.

The memo, titled “Cyber Operations Enabling Expansive Authoritarianism,” was “quietly declassified” in 2022, but received no attention from either President Joe Biden’s administration or from the establishment media.

“That means six years later that the U.S. intelligence community has yet to fully inform the American people or the Congress on the breadth of evidence it possesses of China’s actions, how Beijing got the data, and what operations it has taken or contemplated,” wrote Just the News founder John Solomon and chief investigative correspondent Jerry Dunleavy.

Keep reading

Britain had meltdown when China hacked voter files, but U.S. intel kept it secret in America

The United States expressed outrage when Great Britain revealed two years ago that its voter registration databases were hacked by China in what became a global scandal. But it turns out the U.S. intelligence harbored its own secret at the time, knowing since 2020 that Beijing also gained access to American voter registration data, according to documents reviewed by Just the News and interviews with officials with direct knowledge.

“[Redacted] Chinese intelligence officials analyzed multiple U.S. states’ [Redacted] election voter registration data, [Redacted] to conduct public opinion analysis on the 2020 US general election,” stated a once highly classified April 2020 National Intelligence Council memo entitled “Cyber Operations Enabling Expansive Authoritarianism.” 

You can read that document here.

NICM-Declassified-Cyber-Operations-Enabling-Expansive-Digital-Authoritarianism-20200407–2022.pdf

That memo, heavily redacted and quietly declassified by the Biden administration two years after it was written, has escaped most public notice.

That means six years later that the U.S. intelligence community has yet to fully inform the American people or the Congress on the breadth of evidence it possesses of China’s actions, how Beijing got the data, and what operations it has taken or contemplated. 

The gap in public knowledge is particularly politically sensitive as the Senate this week debates a new election security bill that is a top priority for President Donald Trump. Officials told Just the News that Director of National Intelligence Tulsi Gabbard and CIA Director John Ratcliffe are working to declassify a potentially explosive tranche of documents showing what China did, and who in U.S. government knew and when.

The secrecy surrounding China’s access to voter registration has been so persistent that even Republican National Committee Chairman Joe Gruters, President Donald Trump’s point man for the 2026 mid-term elections, said he was unaware of the intelligence. “What’s crazy is the fact that China has access to these voter rolls, but we don’t,” Gruters told John Solomon Reports podcast in an episode set to air Tuesday.

Keep reading